Medium severity5.5NVD Advisory· Published Jul 6, 2018· Updated Jun 17, 2026
CVE-2018-5836
CVE-2018-5836
Description
In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
Vulnerability mechanics
References
3- source.android.com/security/bulletin/pixel/2018-06-01nvdPatchVendor Advisory
- source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/nvdPatch
- www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletinnvdPatchThird Party Advisory
News mentions
0No linked articles in our index yet.